Your Data Privacy with Florist Thornton Heath

Customer Privacy Policy for Florist Thornton Heath

Introduction

This Privacy Policy describes how Florist Thornton Heath adheres to the General Data Protection Regulation (GDPR) when collecting, processing, storing, and protecting your personal data. This policy applies to all customers placing Florist Thornton Heath orders in Thornton Heath and its surrounding districts.

What Data We Collect

When you interact with Florist Thornton Heath, especially when placing an order, we may collect the following types of personal data:

Identification and Contact Information: Name, delivery address, contact number, and payment confirmation details.
Order Details: Information about the flowers or products purchased, purchase history, recipient names, and delivery instructions.
Payment Information: Only payment confirmation or payment status; payment card details are processed securely by our payment processors and not stored by us.
Communications Data: Records of correspondence with us, including order queries, complaints, or feedback.
Technical Data: When applicable, we may collect device identifiers, IP addresses, browser type, or cookies to facilitate your online shopping experience.

Lawful Basis for Processing Your Data

The GDPR requires us to identify and communicate the lawful basis for processing your personal data. At Florist Thornton Heath, we process your data under the following legal bases:

Contractual Necessity: We process essential data to fulfill our contract with you, such as delivering your chosen products and contacting you about your order.
Legal Obligations: We may process data as necessary to comply with tax, accounting, or other regulatory requirements.
Legitimate Interests: In some cases, we process your data to pursue our legitimate business interests, such as improving our service, preventing fraud, or handling customer enquiries. We always assess that these interests do not override your rights.
Consent: Where required, we seek your explicit consent before using your data for purposes such as direct marketing. You can withdraw consent at any time.

How We Use Your Information

Your personal data is used for the following purposes:

Processing and delivering your orders accurately and efficiently.
Communicating with you about your orders, including updates, confirmations, or issues.
Handling returns, refunds, complaints, and customer service requests.
Improving our services, site functionality, and understanding your preferences.
Complying with applicable laws and regulations.
Sending you updates or marketing communications if you have opted in.

Retention of Your Personal Data

Florist Thornton Heath only retains your personal data for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. The exact retention period depends on the type of data and the reason for its retention:

Order and transactional data is commonly retained for up to seven years to comply with tax and contractual obligations.
Correspondence and communications are typically kept for up to two years after resolution of your enquiry or complaint.
Where data is held on the basis of your consent, it will be retained until you withdraw that consent.

Data Processors and Third Parties

We may share your data with trusted third-party service providers (“processors”) involved in facilitating your transactions and efficient service delivery, such as:

Payment processing partners (who securely handle your payment information)
Delivery and courier services for order fulfillment
IT providers for website, order management, and secure data storage
Professional advisers (accountants or auditors) for business compliance

We ensure that all data processors are GDPR-compliant and only process your personal data according to our instructions, maintaining its security and confidentiality. We do not sell or rent your personal data to third parties for their independent use.

Your Data Security

We take the security of your personal information seriously and employ appropriate organizational and technical measures to protect it from unauthorized access, loss, or misuse. This includes secure storage of digital and paper records, limited access by authorized staff, and contractual obligations for our processors.

Your Rights Under GDPR

GDPR grants you specific rights regarding your personal data. You have the right to:

Access: Request a copy of your personal data that we hold.
Rectification: Request corrections to any incomplete or inaccurate data.
Erasure: Ask us to delete your personal data where it is no longer necessary or if you withdraw consent.
Restriction: Request to restrict processing of your personal data in certain circumstances.
Portability: Ask us to provide you or another service provider with your data in a structured, commonly used format.
Objection: Object to processing based on legitimate interests or for direct marketing purposes.
Withdraw Consent: Where we process your data on the basis of consent, you may withdraw this at any time.

If you wish to exercise any of these rights, please contact us through our usual customer service channels. We may need to verify your identity for security purposes.

Updates to This Privacy Policy

Florist Thornton Heath may update this Privacy Policy as our business, legal obligations, or data processing practices change. Any updates will be communicated on our website or upon request. We encourage you to review the policy regularly for the latest information.

Applicability

This Privacy Policy applies to all customers placing orders with Florist Thornton Heath from Thornton Heath and its surrounding districts. By engaging with our services, you acknowledge and accept the practices described in this policy.

Contacting Us

If you have any queries or concerns regarding how we use your personal data or wish to exercise your rights under GDPR, please reach out via our standard contact points. We are committed to resolving privacy-related issues promptly and transparently.